package com.platform.destiny.web;

import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.google.common.collect.Lists;
import com.platform.destiny.dto.Result;
import com.platform.destiny.dto.UserPageReq;
import com.platform.destiny.dto.UserReq;
import com.platform.destiny.entity.User;
import com.platform.destiny.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PreFilter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * @Description
 * @Author kaiyang
 * @Date 2024-02-01 2:39 PM
 */

@Slf4j
@RestController
@RequestMapping(value = "api/user")
public class UserController {


    @Autowired
    private UserService userService;

    // PostFilter
    @PostFilter("filterObject.id % 3 == 0")
    public List<User> userList(){
        User entity = new User();
        entity.setId(2L);
        return Lists.newArrayList(entity);
    }

    // PreFilter
    @PreFilter(filterTarget = "userList", value = "filterObject.id % 3 == 0")
    public List<User> userList(List<User> userList, String text){
        User entity = new User();
        entity.setId(2L);
        return Lists.newArrayList(entity);
    }

    // 扩展 spring-security 权限认证， 这里需要传入两个参数
    @PreAuthorize("hasPermission('user','page')")
    @GetMapping(value = "page1")
    public Result<Page<User>> selectUserPage1(UserPageReq userReq) {
        Page<User> userList = userService.selectUserPage(userReq);
        return Result.success(userList);
    }

    // spring-security 权限校验
    // hasAnyAuthority hasAuthority
    // hasRole hasAnyRole
    @PreAuthorize("hasAuthority('admin')")
    @PostMapping(value = "home")
    public Result<List<User>> home(@RequestBody UserReq req) {

        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        log.info("user auth is {}", JSONObject.toJSONString(auth));
        List<User> users = userService.queryUserList(req);
        Result<List<User>> success = Result.success(users);
        return success;
    }

    // 自定义权限验证 hasPermi
    @PreAuthorize("@ss.hasPermi('app:user:add')")
    @PostMapping(value = "add")
    public Result<Integer> add(@RequestBody UserReq userReq) {
        User user = new User();
        BeanUtils.copyProperties(userReq, user);
        Integer insert = userService.insert(user);
        return Result.success(insert);
    }


    @PreAuthorize("@ss.hasPermi('app:user:update')")
    @PostMapping(value = "update")
    public Result<Integer> update(@RequestBody UserReq userReq) {
        User user = new User();
        BeanUtils.copyProperties(userReq, user);
        Integer insert = userService.update(user);
        return Result.success(insert);
    }

    @PreAuthorize("@ss.hasPermi('app:user:del')")
    @DeleteMapping(value = "delete")
    public Result<Integer> delete(Long id) {
        Integer insert = userService.deleteById(id);
        return Result.success(insert);
    }


    /**
     * 自定义权限认证
     */
    @PreAuthorize("@ss.hasPermi('app:user:detail')")
    @GetMapping(value = "detail")
    public Result<User> selectById(Long id) {
        User user = userService.selectById(id);
        return Result.success(user);
    }


    @PreAuthorize("@ss.hasPermi('app:user:page')")
    @GetMapping(value = "page")
    public Result<Page<User>> selectUserPage(UserPageReq userReq) {
        Page<User> userList = userService.selectUserPage(userReq);
        return Result.success(userList);
    }



}
